By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Connecting to Redshift cluster via Quicksights timeout

0

I have a redshift cluster, and I am trying to connect to it via Quicksights. I believe I have it configured correctly, but I am getting the "connection timeout" error. I am also just trying to connect to it via DBeaver just to test out the public connection. It still errors out. The security group has the following rules Enter image description here The cluster is set to public, and I can see the public IP address.

Outbound rules is empty.

At this point I am not sure what else could be the problem. Would appreciate any guidance.

Topics
Networking & Content DeliveryAnalytics
Tags
Amazon VPCAmazon RedshiftSecurity Group
Language
English
CooperTroop
asked a year ago806 views
3 Answers
1

Apart from allowing the source IP, port in your security group - does your Redshift cluster have the "Publicly accessible" attribute "Enabled"? By default its disabled (see below). By enabling this attribute, your Redshift cluster will receive a Elastic IP address which is required for you to connect.

Preferred option for both QuickSight and standalone Redshift connectivity is to keep the cluster private. Refer the QuickSight documentation here and here for more details.

Enter image description here

AWS
EXPERT
Gokul
answered a year ago
0
Accepted Answer

Ok I eventually figured it out thanks to your help.

I had to delete Quicksight and recreated under the Enterprise subscription. Additionally, I put Quicksight under the same private subnet as my cluster. I configured **different ** security groups for Quicksight (sg-quik456) and for the Redshift Cluster (sg-clster123).

I configured the security group for Quicksight like so:

  • incoming to accept traffic from all ports (0-65535) from the Redshift Cluster's security group (sg-clster123)
  • incoming to accept traffic from port 5439 from the Redshift Cluster's security group (sg-clster123)
  • outbound policy to allow all traffic

I configured the security group for the cluters like so:

  • incoming traffic allow from all ports from Quicksight's security group (sg-quik456)
  • outbout traffic allow from all ports and all ips

Thanks for the references, it was super helpful.

CooperTroop
answered a year ago
0

Thanks for the reply. As you mentioned I have the cluster set as "Publicly accessible" set to True. The weird thing is the IP that I see on the cluster settings does not match any of the IPs that are listed on my Elastic IPs section. I thought this was intended behavior so I did not give it much thought. Should I re-assign the IP to that one of the listed on the Elastic IPs?

If possible I would prefer to keep the cluster private, but I thought that it needed to be public to be accessible by Quicksights. Could it be that I cannot connect to it because my Quicksights is on the "free trial"?

CooperTroop
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content